Vulnerabilities > CVE-2004-2569 - Symbolic Link vulnerability in IPMenu Log File
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
ipmenu 0.0.3 before Debian GNU/Linux ipmenu_0.0.3-5 allows local users to overwrite arbitrary files via a symlink attack on the ipmenu.log temporary file.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 4 |
Nessus
| NASL family | Debian Local Security Checks |
| NASL id | DEBIAN_DSA-907.NASL |
| description | Akira Yoshiyama noticed that ipmenu, an cursel iptables/iproute2 GUI, creates a temporary file in an insecure fashion allowing a local attacker to overwrite arbitrary files utilising a symlink attack. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 22773 |
| published | 2006-10-14 |
| reporter | This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/22773 |
| title | Debian DSA-907-1 : ipmenu - insecure temporary file |
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=244709
- http://secunia.com/advisories/11526
- http://secunia.com/advisories/17682
- http://securitytracker.com/id?1010064
- http://www.debian.org/security/2005/dsa-907
- http://www.osvdb.org/5788
- http://www.securityfocus.com/bid/10269
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16052